3.5.1 TLS ciphersuites

The handshake protocol of TLS negotiates cipher suites of
a special form illustrated by the TLS_DHE_RSA_WITH_3DES_CBC_SHA cipher suite name. A typical cipher
suite contains these parameters:

The key exchange algorithm.
DHE_RSA in the example.

The Symmetric encryption algorithm and mode
3DES_CBC in this example.

The MAC(4) algorithm used for authentication.
MAC_SHA is used in the above example.

The cipher suite negotiated in the handshake protocol will affect the
record protocol, by enabling encryption and data authentication. Note
that you should not over rely on TLS to negotiate the
strongest available cipher suite. Do not enable ciphers and algorithms
that you consider weak.